Customer Advisory - Palo Alto Networks Provides Coverage for Two Security Evasions

Customer Advisory - Palo Alto Networks Provides Coverage for Two Security Evasions

0
Created On 09/26/18 13:39 PM - Last Modified 07/19/22 23:07 PM


Resolution


Palo Alto Networks has released coverage for two security evasions:

Layered TCP/IP evasion overview:

Under certain conditions, unspecified layering of packet-level evasions can be used to bypass threat signature matching of the session.

Available Updates:

Customers are advised to upgrade to PAN-OS 6.0.5-h3 or later, 5.0.14-h3 or later, 4.1.18 or later, or 4.0.15 or later. These updates incorporate the ability to block this method of layered TCP/IP evasion. No configuration change is required to take advantage of this protection.

RPC fragmentation evasion overview:

Under certain conditions, specially crafted ONC RPC (commonly known as Sun RPC) packets can evade the RPC signature protections.

Available Updates:

Customers are advised to upgrade to content version 460 or later where mitigations for this evasion are included. No configuration change is required to take advantage of this protection.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CllXCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail